-
Notifications
You must be signed in to change notification settings - Fork 24
102 lines (93 loc) · 3.35 KB
/
central_code_quality_check.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
# Contact @moabu
# Sonar cloud https://sonarcloud.io/organizations/janssenproject/projects
name: Code quality check
on:
push:
branches:
- master
- main
- "4.5"
pull_request:
branches:
- master
- main
- "4.5"
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
env:
JVM_PROJECTS: |
GluuFederation/oxAuth
GluuFederation/oxTrust
GluuFederation/scim
GluuFederation/oxShibboleth
GluuFederation/fido2
GluuFederation/oxd
GluuFederation/casa
GluuFederation/gluu-opendj4
NON_JVM_PROJECTS: |
GluuFederation/gluu-passport
GluuFederation/gluu-admin-ui
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of sonarqube analysis
- name: Set up JDK 11
if: contains(env.JVM_PROJECTS, github.repository)
uses: actions/setup-java@v3.7.0
with:
java-version: 11
distribution: 'adopt'
- name: Cache SonarCloud packages for JVM based project
if: contains(env.JVM_PROJECTS, github.repository)
uses: actions/cache@v3.0.11
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Build and analyze JVM based project
if: contains(env.JVM_PROJECTS, github.repository)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
case "$GITHUB_REPOSITORY" in
"GluuFederation/gluu-opendj4")
echo "Build opendj-sdk first for gluu-opendj4"
mvn -B -f opendj-sdk/pom.xml -DskipTests clean install
;&
"GluuFederation/oxAuth")
;&
"GluuFederation/oxTrust")
;&
"GluuFederation/scim")
;&
"GluuFederation/casa")
;&
"GluuFederation/oxd")
echo "Run Sonar analysis without test execution"
mvn -B -DskipTests=true install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
;;
*)
echo "Run Sonar analysis with test execution"
mvn -B install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
;;
esac
- name: Convert repo org name to lowercase for non JVM projects
if: contains(env.NON_JVM_PROJECTS, github.repository)
env:
REPO_OWNER: ${{ github.repository_owner }}
run: |
echo "REPO_ORG=${REPO_OWNER,,}" >>${GITHUB_ENV}
- name: SonarCloud Scan for non-JVM project
if: contains(env.NON_JVM_PROJECTS, github.repository)
uses: SonarSource/sonarcloud-github-action@master
with:
args: >
-Dsonar.organization=${{ env.REPO_ORG }}
-Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}